Certified in Risk and Information Systems Control (CRISC) — Question 1146

Which of the following presents the GREATEST risk to an organization with a large number of Internet of Things (IoT) devices within its network?

Answer options

• A. Network connectivity issues with IoT devices
• B. Increased instability and failure of IoT devices
• C. Insufficient IoT policies and procedures
• D. Interoperability between IoT devices

Correct answer: C

Explanation

The correct answer is C because insufficient IoT policies and procedures can lead to security vulnerabilities and management challenges, making the organization more susceptible to attacks. Options A, B, and D, while they can cause issues, do not inherently pose the same level of risk as the absence of proper governance around IoT devices.